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DETAILED ACTION 



This final action is in response to the amendment filed on 09/04/2008. Claims 1, 3, 5-10, 
& 12-20 are pending and have been considered as follows. 



Examiner Note 

In view of the applicant's amendments, the examiner hereby withdraws his previous 
Specification Objection with respect to Claim 16 and withdraws his previous Claim Objections 
with respect to Claims 1, 9, & 16. 



Claim Rejections - 35 USC § 101 

1. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

Claim 9 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non- 
statutory subject matter. 

Claim 9 recites a system that performs function steps but without any mention of 
hardware or some structure that performs these function steps. 

o The examiner notes that unless clearly defined in the applicant's 

Specification/original disclosure, "computer" does not clearly define a computer 
device comprising a processor and memory with instructions stored on the 
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memory that once executed by the processor perform method steps; that is, a 
"computer" unless clearly defined could merely be a virtual machine, thereby 
being only software; 

See, e.g., Rubber-Tip Pencil Co. v. Howard, 87 U.S. (20 Wall) 498, 507 (1874) ("idea of 
itself is not patentable, but a new device by which it may be made practically useful is "); 
Mackay Radio & Telegraph Co. v. Radio Corp. of America, 306 U.S. 86, 94, 40 USPQ 
199, 202 (1939) ("While a scientific truth, or the mathematical expression of it, is not 
patentable invention, a novel and useful structure created with the aid of knowledge of 
scientific truth may be. "); Warmerdam, 33 F.3d at 1360, 31 USPQ2d at 1 759 ("steps of 
locating' a medial axis, and creating' a bubble hierarchy . . . describe nothing more than 
the manipulation of basic mathematical constructs, the paradigmatic abstract idea "') 



Claim Rejections - 35 USC §103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claims 1, 3, 5-10, & 12-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Raith (US-5241598-A) in view of Hatta (US-5 1 15508-A) and in further view of BanesetaL 
(US-20030182584-A1). 

Claim 1: 

Raith discloses a method of resetting a key for accessing a computer program comprising, 

"setting a flag to indicate that the key is to be reset" (i.e. "including in a message sent 
from the network to the mobile station an order or a signal (flag) to reset the B-key") 
[column 30 lines 52-53]; 
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"starting a process associated with the program" (i.e. "Execution of the authentication 
algorithm in the home network") [column 17 lines 37-38]; 

"determining, after the process has been started, whether the flag is set" (i.e. "The 
network may reset the B-key value in the network to the selected value immediately 
before or at the time of activating the B-key step flag, i.e., setting the bit-value equal to 1 
for example, in an order message sent to the mobile station or immediately after receiving 
from the mobile station an acknowledgement of the order message") [column 30 lines 65- 
68 & column 31 lines 1-3]; 

"resetting the key to a default value based on the flag" (i.e. "According to the present 
invention, resynchronization of the B-key used by the network and the mobile station 
may be accomplished by resetting the B-key input to AUTH in each of the network and 
the mobile station to a selected value") [column 30 lines 38-42]; 
but, Raith does not explicitly disclose, 

"wherein the flag comprises an environment variable stored at a computer on which the 
computer program is installed," although Hatta does suggest storing a flag and Banes et 
al do suggest a reset flag, as recited below; 

"determining whether the flag is set comprises reading the environment variable," 
although Hatta does suggest judging a flag to make a decision, as recited below; 
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"a prescribed level of privilege with respect to the computer is required to set the flag 
and start the process such that a user having the prescribed level of privilege but not the 
key can without intervention of a provider with which the computer program is 
associated cause the key to be reset to the default value," although Banes et al. do 
suggest password resetting without the aid of a third party, as recited below; 
however, Hatta does disclose, 

"store writing prohibition flag WRP" [column 3 line 4]; 

- "the condition of the password setting flag PASF1 is judged" [column 3 lines 35-36]; 
whereas, Banes et al. do disclose, 

- "The B-key reset flag may consist of any number of bits and, in the simplest case, may 
be no more than a single bit (1 or 0) assigned to a specific field in the message 
transmitted from the network to the mobile station" [column 30 lines 61-64]; 
"implementations creating a password reset disk and using the password reset disk to 
reset a user password in a computer system are shown. Utilizing the described systems 
and methods a user can create a password reset disk that~in the event that the user 
forgets her password -can be used to securely create a new password for the user 
without the user having to contact a third party" [page 1 para 9 lines 1-7]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "wherein the flag comprises an environment variable stored at a 
computer on which the computer program is installed" and "determining whether the flag is set 
comprises reading the environment variable" and "a prescribed level of privilege with respect to 
the computer is required to set the flag and start the process such that a user having the 
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prescribed level of privilege but not the key can without intervention of a provider with which 
the computer program is associated cause the key to be reset to the default value," in the 
invention as disclosed by Raith for the purposes of storing a flag value and permitting a user to 
reset their password without intervention of a third party. 
Claim 3: 

Raith , Hatta, and Banes et al. disclose a method of resetting a key for accessing a computer 

program, as in Claim 1 above, further comprising, 

- "logging in with, sufficient privileges to start the process" (i.e. "To guard against this 
risk, the performance of a B-key reset may be linked to the performance of bilateral 
authentication, i.e., to the validation of the network") [column 32 lines 4-7]. 

Claim 5: 

Raith, Hatta, and Bancs ct al. disclose a method of resetting a key for accessing a computer 

program, as in Claim 1 above, further comprising, 

"resetting the key to a default value includes instructing a database system to reset the 
key" (i.e. "According to the present invention, resynchronization of the B-key used by the 
network and the mobile station may be accomplished by resetting the B-key input to 
AUTH in each of the network and the mobile station to a selected value" [column 30 
lines 38-42]. 
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Claim 6: 

Raith, Hatta, and Banes et al. disclose a method of resetting a key for accessing a computer 

program, as in Claim 1 above, further comprising, 

- "unsetting the flag" (i.e. "The B-key reset flag may consist of any number of bits and, in 
the simplest case, may be no more than a single bit (1 or 0) assigned to a specific field in 
the message transmitted from the network to the mobile station") [column 30 lines 61- 
64]. 

Claim 7: 

Raith , Hatta, and Banes et al. disclose a method of resetting a key for accessing a computer 

program, as in Claim 6 above, further comprising, 

"starting the process again" (i.e. "When the mobile subscriber crosses over into another 
area, the exchange associated with that area, upon receiving an identity signal from the 
telephone unit, will record an indication of the mobile subscriber's presence there and 
then transmit the identity signal to all of the other exchanges together with its own 
identity signal, for the purpose of updating the mobile subscriber's position") [column 2 
lines 59-66]. 

Claim 8: 

Raith , Hatta, and Banes et al. disclose a method of resetting a key for accessing a computer 

program, as in Claim 6 above, further comprising, 

"changing the key from the default value to a secure value" (i.e. "Where encryption is 
desired, a new S-key must be calculated since the previous S-key was calculated using 
the previous B-key which was out of synchronization") [column 31 lines 10-13]. 
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Claims 9: 

Raith discloses a system configured to reset a key for accessing a computer program, comprising 
a computer, comprising a computer comprising, 

- "determine whether a flag is set, after a process associated with the computer program is 
started" (i.e. "The network may reset the B-key value in the network to the selected value 
immediately before or at the time of activating the B-key step flag, i.e., setting the bit- 
value equal to 1 for example, in an order message sent to the mobile station or 
immediately after receiving from the mobile station an acknowledgement of the order 
message") [column 30 lines 65-68 & column 31 lines 1-3]; 

- "reset the key to a default value, based on the flag" (i.e. "According to the present 
invention, resynchronization of the B-key used by the network and the mobile station 
may be accomplished by resetting the B-key input to AUTH in each of the network and 
the mobile station to a selected value") [column 30 lines 38-42]; 

but, Raith does not disclose, 

- "wherein the flag comprises an environment variable stored on the computer," although 
Hatta does suggest storing a flag and Banes et al. do suggest a reset flag, as recited 
below; 

"the computer is configured to determine whether the flag is set by reading the 
environment variable," although Hatta does suggest judging a flag to make a decision, as 
recited below; 
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"a prescribed level of privilege with respect to the computer is required to set the flag 
and start the process such that a user having the prescribed level of privilege but not the 
key can without intervention of a provider with which the computer program is 
associated cause the key to be reset to the default value," although Banes et al. do 
suggest password resetting without the aid of a third party, as recited below; 
however, Hatta does disclose, 

"store writing prohibition flag WRP" [column 3 line 4]; 

- "the condition of the password setting flag PASF1 is judged" [column 3 lines 35-36]; 
whereas, Banes et al. do disclose, 

- "The B-key reset flag may consist of any number of bits and, in the simplest case, may 
be no more than a single bit (1 or 0) assigned to a specific field in the message 
transmitted from the network to the mobile station" [column 30 lines 61-64]; 
"implementations creating a password reset disk and using the password reset disk to 
reset a user password in a computer system are shown. Utilizing the described systems 
and methods a user can create a password reset disk that-in the event that the user 
forgets her password -can be used to securely create a new password for the user 
without the user having to contact a third party" [page 1 para 9 lines 1-7]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "wherein the flag comprises an environment variable stored on 
the computer" and "the computer is configured to determine whether the flag is set by reading 
the environment variable" and "a prescribed level of privilege with respect to the computer is 
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required to set the flag and start the process such that a user having the prescribed level of 
privilege but not the key can without intervention of a provider with which the computer 
program is associated cause the key to be reset to the default value," in the invention as disclosed 
by Raith for the purposes of storing a flag value and permitting a user to reset their password 
without intervention of a third party. 
Claim 10: 

Raith , Hatta, and Banes et al. disclose a system configured to reset a key for accessing a 
computer program, comprising a computer, as in Claim 9 above, further comprising, 

"configured to require administrator privileges to start the process" (i.e. "To guard 
against this risk, the performance of a B-key reset may be linked to the performance of 
bilateral authentication, i.e., to the validation of the network") [column 32 lines 4-7]. 
Claim 12: 

Raith , Hatta, and Banes et al. disclose a system configured to reset a key for accessing a 
computer program, comprising a computer, as in Claim 9 above, further comprising, 

- "a database system configured to store the key" (i.e. "the HLR has no voice transmission, 

reception or switching facilities, but is essentially a database from and to which 

information can be read and written") [column 15 lines 7-9]; 

"the system is configured to reset the key by instructing the database system to reset the 
key" (i.e. "the network can retrieve information pertaining to that particular mobile 
station, e.g., security keys, from the location or database") [column 15 line 68 & column 
16 lines 1-2]. 
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Claim 13: 

Raith, Hatta, and Banes et al. a system configured to reset a key for accessing a computer 
program, comprising a computer, comprising a computer, as in Claim 9 above, further 
comprising, 

"the key is associated with an administrator account for accessing the computer program" 
(i.e. "To guard against this risk, the performance of a B-key reset may be linked to the 
performance of bilateral authentication, i.e., to the validation of the network") [column 32 
lines 4-7]. 
Claim 14: 

Raith . Hatta, and Banes et al. disclose a system configured to reset a key for accessing a 
computer program, comprising a computer, as in Claim 9 above, further comprising, 

- "the computer program executes on the computer" (i.e. "an authentication algorithm 
executed in each of the mobile station and the network") [column 7 lines 62-64]. 
Claim 15: 

Raith , Hatta, and Banes et al. disclose a system configured to reset a key for accessing a 
computer program, comprising a computer, as in Claim 9 above, further comprising, 

"the computer program executes on a second computer" (i.e. "an authentication algorithm 
executed in each of the mobile station and the network") [column 7 lines 62-64]. 
Claim 16: 

Raith discloses a computer program product configured to reset a key for accessing a computer 
program, comprising a computer readable storage medium having machine readable code 
embodied therein comprising, 
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"determining whether a flag is set, after a process associated with the computer program 
is started" (i.e. "The network may reset the B-key value in the network to the selected 
value immediately before or at the time of activating the B-key step flag, i.e., setting the 
bit-value equal to 1 for example, in an order message sent to the mobile station or 
immediately after receiving from the mobile station an acknowledgement of the order 
message") [column 30 lines 65-68 & column 31 lines 1-3]; 

"resetting the key to a default value, based on the flag" (i.e. "According to the present 
invention, resynchronization of the B-key used by the network and the mobile station 
may be accomplished by resetting the B-key input to AUTH in each of the network and 
the mobile station to a selected value") [column 30 lines 38-42]; 
but, Raith does not disclose, 

- "wherein the flag comprises an environment variable stored at a computer on which the 
computer program is installed," although Hatta does suggest storing a flag and Bancs ct 
al do suggest a reset flag, as recited below; 

- "determining whether the flag; is set comprises reading the environment variable," 
although Hatta does suggest judging a flag to make a decision, as recited below; 

"a prescribed level of privilege with respect to the computer is required to set the flag 
and start the process such that a user having the prescribed level of privilege but not the 
key can without intervention of a provider with which the computer program is 
associated cause the key to be reset to the default value," although Banes et al. do 
suggest password resetting without the aid of a third party, as recited below; 
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however, Hatta does disclose, 

- "store writing prohibition flag WRP" [column 3 line 4]; 

- "the condition of the password setting flag PASF1 is judged" [column 3 lines 35-36]; 
whereas, Banes et al. do disclose, 

"The B-key reset flag may consist of any number of bits and, in the simplest case, may 
be no more than a single bit (1 or 0) assigned to a specific field in the message 
transmitted from the network to the mobile station" [column 30 lines 61-64]; 

- "implementations creating a password reset disk and using the password reset disk to 
reset a user password in a computer system are shown. Utilizing the described systems 
and methods a user can create a password reset disk that~in the event that the user 
forgets her password -can be used to securely create a new password for the user 
without the user having to contact a third party" [page 1 para 9 lines 1-7]; 

Therefore, it would have been obvious for one of ordinary skill in the art at the time of the 
applicant's invention to include, "wherein the flag comprises an environment variable stored at a 
computer on which the computer program is installed" and "determining whether the flag; is set 
comprises reading the environment variable" and "a prescribed level of privilege with respect to 
the computer is required to set the flag and start the process such that a user having the 
prescribed level of privilege but not the key can without intervention of a provider with which 
the computer program is associated cause the key to be reset to the default value," in the 
invention as disclosed by Raith for the purposes of storing a flag value and permitting a user to 
reset their password without intervention of a third party. 
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Claim 17: 

Raith, Hatta, and Banes et al. disclose a computer program product configured to reset a key for 
accessing a computer program, comprising a computer readable storage medium having machine 
readable code embodied therein, as in Claim 16 above, further comprising, 

"a database system configured to store the key" (i.e. "the HLR has no voice transmission, 
reception or switching facilities, but is essentially a database from and to which 
information can be read and written") [column 15 lines 7-9]; 

- "resetting the key includes instructing the database system to reset the key" (i.e. "the 
network can retrieve information pertaining to that particular mobile station, e.g., security 
keys, from the location or database") [column 15 line 68 & column 16 lines 1-2]. 

Claim 18: 

Raith . Hatta. and Banes et al. disclose a computer program product configured to reset a key for 
accessing a computer program, comprising a computer readable storage medium having machine 
readable code embodied therein, as in Claim 16 above, further comprising, 

- "the key is associated with an administrator account for accessing the computer program" 
(i.e. "To guard against this risk, the performance of a B-key reset may be linked to the 
performance of bilateral authentication, i.e., to the validation of the network") [column 32 
lines 4-7]. 

Claim 19: 

Raith , Hatta, and Banes et al. disclose a computer program product configured to reset a key for 
accessing a computer program, comprising a computer readable storage medium having machine 
readable code embodied therein, as in Claim 16 above, further comprising, 
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"code for requiring sufficient privileges to start the process" (i.e. "To guard against this 
risk, the performance of a B-key reset may be linked to the performance of bilateral 
authentication, i.e., to the validation of the network") [column 32 lines 4-7]. 
Claim 20: 

Raith, Hatta, and Banes et al. disclose a computer program product configured to reset a key for 
accessing a computer program, comprising a computer readable storage medium having machine 
readable code embodied therein, as in Claim 16 above, further comprising, 

- "code for changing the key from the default value to a secure value" (i.e. "Where 
encryption is desired, a new S-key must be calculated since the previous S-key was 
calculated using the previous B-key which was out of synchronization") [column 3 1 lines 
10-13]. 



Response to Arguments 

4. Applicant's arguments filed 09/04/2008 have been fully considered but they are not 
persuasive. 

The applicant's arguments, "the signal taught by Raith is not a "flag" within the meaning 
of the claim because it is not an environment variable that is subsequently read to 
determine whether it has been set to a value indicating that the key should be reset to the 
default value" and "Hatta and Banes likewise do not describe a flag that is an 
"environment variable" stored on a computer with which the recited computer program is 
associated" and "The flags described by Hatta are not used to reset a password to a 
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default value, as recited in claims 1, 9, and 16, but rather to ensure that only holders of 
the password(s) are allowed to perform certain operations," has been carefully considered 
but is non-persuasive. 

o The examiner notes that the prior art may not use the exact same claim language 
as "environment variable," but the "flag" still functions in the same way as the 
applicant's "variable"; unless there is further clarification as to what the 
"environmental variable" comprises to distinguish itself from the prior art, the 
broadest most reasonable interpretation would include any value/variable, thus a 
"flag" which acts similarly would be seen by one of ordinary skill in the art as 
obvious; it is also noted, that the purpose of the "environment variable" can be 
construed as merely intended use, whereas the method in which the variable is 
used resulting in a tangible outcome/transformation may be a novelty; 

Conclusion 

5. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
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CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Examiner Oscar Louie whose telephone number is 571-270-1684. 
The examiner can normally be reached Monday through Thursday from 7:30 AM to 4:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami, can be reached at 571-272-4195. The fax phone number for 
Formal or Official faxes to Technology Center 2100 is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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/Carl Colin/ 

Primary Examiner, Art Unit 2436 
12/1/2008 



